[Stateless SG] Add test if new SG is always stateful by default

This patch adds test which checks if newly created SG is stateful and if
corresponding ACLs in OVN have correct action, which is "allow-related".

Change-Id: Ieaf1485edbaee841ee8672046df4db69e48b2707

tobiko/tests/scenario/neutron/test_security_groups.py

@@ -153,3 +153,34 @@ class StatelessSecurityGroupTest(BaseSecurityGroupTest):
         )
         self._check_sg_rule_in_ovn_nb_db(new_rule['id'],
                                          neutron.STATEFUL_OVN_ACTION)
+
+    def test_new_security_group_is_stateful(self):
+        """Test that newly created security group is stateful by default.
+
+        This test checks if newly created SG is stateful by default
+        and if OVN's ACLs corresponding to the SG's rules have correct
+        action which is "allow-related".
+
+        Steps:
+        1. Create SG for the project,
+        2. Check if ACLs corresponding to the rules from that SG have
+           "action-related" action,
+        3. Add new SG rule in the SG,
+        4. Check action of the ACL corresponding to the newly created SG rule.
+        """
+        sg = neutron.create_security_group(
+            name="test_new_security_group_is_statefull_SG",
+        )
+        self.assertTrue(sg['stateful'])
+        self._check_sg_rules_in_ovn_nb_db(sg, neutron.STATEFUL_OVN_ACTION)
+        new_rule = neutron.create_security_group_rule(
+            sg['id'],
+            port_range_min=1111,
+            port_range_max=1111,
+            ethertype="IPv4",
+            protocol="tcp",
+            description="test_new_security_group_is_statefull_SG rule",
+            direction="ingress"
+        )
+        self._check_sg_rule_in_ovn_nb_db(new_rule['id'],
+                                         neutron.STATEFUL_OVN_ACTION)